How mobile ad fraud could kill your runway

Can you imagine attracting thousands of users and them not actually being real? Bots, click farms, and a long list of fraud modalities that you need to know to avoid in your campaigns.

Mobile Marketing
Posted on
May 1, 2023
How mobile ad fraud could kill your runway

Understand the Basics

Are you aware that maybe your ads are being sabotaged by fraudsters? Yes, sounds terrible but the best thing you can do as an advertiser is to be informed.

To begin with, in case you didn't know, mobile ad fraud is the attempt to defraud advertisers, publishers or supply partners by stealing from advertising budgets. It can take the form of faked impressions, click spam or faked installs.

The thing is, having fraudsters manipulating online advertising conversion flows to falsely obtain advertising budgets, can bring some problems to the industry where billions of dollars are spent annually. Mobile ad fraud is responsible for wasting a lot of money in marketing budgets worldwide.

Fraud tactics can impact marketing campaigns by draining advertising resources on fake users who generate zero value. As well as, it can affect budget allocations, future advertisers’ decisions and audience targeting plans.

Moreover, we could separate fraud most common methods into two categories where each one includes different types of mobile ad fraud.

Attribution hijacking

In this case fraudsters manipulate attribution by stealing credit for real installs or clicks. Although this method damages advertiser’s activity, in this situation the users are still real (organic or non-organic) and provide some value.
It includes two types:

  • Install hijacking: As it's name says, fraudsters hijack credit generated by other sources. Yes, again, it's terrible so pay attention. When the user clicks on an ad it will be directed to the Play Store as to complete the download of the legitimate app. When this process begins, the device will inform other apps that a new one is being installed.
    Here is when malware, often hidden in other apps, appears on the scene. It will generate a fake click report on behalf of the fraudster, manipulating the situation to such a point that the attribution is stolen once the app is launched.
  • Click flooding: Fraudsters capture the most valuable users from organic traffic rather than those driven by ads. They send a “flood” of false click reports from, or on behalf of real devices.
    The tactic goes like this: Users organically reach the App Store or Play Store and download an app, and when this happens a click is already falsely associated with them, even though no ad was clicked.
    When the app is launched by the user, the fraudster is credited with an organic install.

Fake Installs

Here fake clicks, installs and in-app events from fake users take place. These actions present zero value to advertisers, often making their entire user acquisition data worthless.

  • Click farms: They imitate installs, clicks, and even in-app user activities, but they bring in no real revenue. To have a better understanding, device farms are locations full of actual mobile devices clicking on real ads, downloading real apps, while hiding behind false IP addresses.
    While bots are malicious codes used to mimic real user behavior.
  • Bots: SDK spoofing is a bot-based fraud. Bots are embedded in the server or the app code to simulate installs, clicks and other signals, to fake traffic or to create a semblance of activity inside the app. In the end, the advertising budget is quickly spent on non-existent users.

It is important to understand that advertisers are not the only ones involved in this ecosystem. There are other marketing players that are often affected by fraud damages, like: Marketing tech vendors, media partners and publishers. Without fraud treatment budgets and reputations are in danger.

How can marketers prevent this?

To start with, the knowledge of mobile ad fraud indicators is the key to prevent damage. Data analysis can help you to collect important information to identify fraudulent activities faster and more efficiently. Let’s see some items…

CTIT (Click to install time): Basically it measures the user journey. Their initial ad interaction and their first app launch. For example, under 10 seconds it can possibly be an install hijacking fraud.

New device rate: It will highlight the percentage of new devices downloading the advertiser’s app. This rate is determined by new device ID’s measured, so don’t forget to keep an eye on that.

Device sensors: It is a magical indicator. Why? Because it can analyse the device and user behavior per each install and their compatibility to normal trends from real users.

Limit ad tracking: It is only available for Google and iOS and enables users to limit the data obtained by advertisers.

Conversion rate: The knowledge of expected conversion rates in the user journey can help prevent fraud infiltration.

Artificial intelligence: It can  indicate fraud instances untraceable by humans.

All the fraudulent actions mentioned in the previous paragraphs are done with common tools. The keypoint here is the manipulation of common tools used by legitimate users, advertisers or developers.

We can use 3 points as an example:

  1. Device emulators: First, what is the meaning of emulator? Well, it is a tool used by game developers to create a virtual device environment to test different app features. But the problem here is that fraudsters use these to imitate users' interactions and create fake ones.
  2. VPN: A VPN is a ‘virtual private network’. It is a digital tool that redirects your internet traffic through a secure tunnel, hiding your IP address and encrypting your data. Fraudsters make a massive use of this tool to hide their IP addresses and to avoid being blacklisted.
  3. Malware: Surely you read this word in the previous paragraphs and wondered what exactly it was, well here there is a more accurate definition: It is a malicious software intentionally designed to cause damage to a device, server, client, or computer network. Which are its main activities? Falsifying data and exploiting advertisers as well as users.

Coming back to the initial question of this section, understanding the percentage of fraud in your vertical/industry can be very useful. Did you know that almost one in three app installs is fraudulent? The average install fraud rate for non-gaming apps currently stands at 31.8%.

In the fraud scale gaming apps are the least harmed with a fraud rate only for 3.8% because of their lower CPI’s rates (cost per install), as they focused on engaged users.

Whereas, finance, travel and shopping apps have a high install fraud presence because of their relatively high CPIs and marketing budgets. Also the fact that some of them are new in digital advertisement can be a signal.

Do not forget that the difference of fraud between operation systems like iOS and Android, is another essential fact to have in account. Why? Because even though iOS is vulnerable, Android suffers from over 6x higher install fraud rates. This last one operates an open-for-all OS, which attracts fraudsters seeking opportunities. While iOS, instead, includes a strict vetting process for apps seeking to enter its store.

Key takeaways


Best practices

Invest in anti-fraud solutions and if you are affiliated with a marketing software, make sure it already has one. Also, pay attention to unusual traffic patterns, high CTR  with low conversion rates and to unreasonably low or high time-to-install.

5 things marketers should remember

  1. Mobile ad fraud can be classified under two main categories, and each of them have different methods that can differ in methodology, technology and scale.
  2. Understand where in the fraud scale your industry stands.
  3. Data analysis can help you to collect important information to identify fraudulent activities faster and more efficiently.
  4. Understanding common fraudsters' tools can be very useful.
  5. Remember: Wherever the money is, fraud is likely to be there.

To sum up, knowing that fraudsters are inventive and creative is a key point to anticipate the facts. Do always pay attention and be informed about this issue because their methods evolve over time to adapt and bypass industry regulations and anti-fraud defence mechanisms.

If marketing campaigns begin to be planned with an anti-fraud security plan from the beginning, the loss of time and money can be easily avoided. Technology continues to develop at extreme levels and precisely mobile marketing is an area that cannot be left behind.